Rsync feature request

Jeff Klink jklink at net-itech.com
Wed May 21 19:21:12 GMT 2008


I would like to suggest a feature that I believe would help out one
usability aspect of rsync.  The patch I am suggesting will allow the
rsync module to return 1 of multiple secrets from the password file,
essentially allowing you to check ANY user's (who belongs to a team)
secret to see if it matches.

For example: For 2 users (user1 and user2) belonging to team1, it
would check all users' passwords when they authenticate to their team
share

- User1 - password '123'
- User2 - password 'abc'
- Team1 - password '890'

When authenticating for team1 (as user1, user2, or team1), any of
the 3 passwords would work since any matching secret is returned. This
allows the admin to create teams where all users can log in using
their own password.

This would allow the following command to succeed

rsync -zavP * user1@servername::team1

So user1 could use his/her own password when transmitting files to the  
team1 folder/share.

The patch attached to this email is against the 2.6.6 source.  I would  
perhaps suggest that another piece be added to have this be  
implemented as a command-line switch.

--
Jeff Klink

--- rsync-2.6.6/authenticate.c	2005-04-10 13:09:10.000000000 -0400
+++ rsync-2.6.6.patched/authenticate.c	2005-09-12 14:44:59.091055616  
-0400
@@ -76,7 +76,7 @@

  /* Return the secret for a user from the secret file, null terminated.
   * Maximum length is len (not counting the null). */
-static int get_secret(int module, char *user, char *secret, int len)
+static int get_secret(int module, char *user, char *secret, int len,  
int skip_how_many)
  {
  	char *fname = lp_secrets_file(module);
  	STRUCT_STAT st;
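
Review bot: The comment above get_secret() still documents only the old contract and does not mention the new skip_how_many parameter. Suggest extending it to say that the argument is the number of matching entries for the user to pass over before a secret is returned, and what the function returns when fewer entries exist, since the caller in the last hunk treats that return as the end of its retry loop. The new signature line has also been wrapped by the mailer, so the patch will not apply as posted; resending it as an attachment would avoid that.
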
@@ -125,8 +125,13 @@
  		else if (p) {
  			if (*p == ch)
  				p++;
-			else if (!*p && ch == ':')
-				break;
+			else if (!*p && ch == ':') {
+                                if (skip_how_many == 0)
+                                        break;
+
+                                skip_how_many--;
+                                p = NULL;
+                        }
  			else
  				p = NULL;
  		}
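
Review bot: The lines added to the "else if (!*p && ch == ':')" branch are indented with spaces while the surrounding context uses tabs; please re-indent them to match the file. A short comment would also help here, stating that a line whose name matches is counted and passed over while skip_how_many is non-zero, and that setting p = NULL discards the rest of that line until the next newline resets the match.
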
@@ -262,23 +267,29 @@
  	}

  	memset(secret, 0, sizeof secret);
-	if (!get_secret(module, line, secret, sizeof secret - 1)) {
-		memset(secret, 0, sizeof secret);
-		rprintf(FLOG, "auth failed on module %s from %s (%s): "
-			"missing secret for user \"%s\"\n",
-			lp_name(module), host, addr, line);
-		return NULL;
-	}
-
-	generate_hash(secret, challenge, pass2);
-	memset(secret, 0, sizeof secret);

-	if (strcmp(pass, pass2) != 0) {
-		rprintf(FLOG, "auth failed on module %s from %s (%s): "
-			"password mismatch\n",
-			lp_name(module), host, addr);
-		return NULL;
-	}
+        {
+            int skip = 0;
+            for (;;) {
+                if (!get_secret(module, line,
+                               secret, sizeof(secret)-1, skip)) {
+                        memset(secret, 0, sizeof secret);
+                        rprintf(FLOG, "auth failed on module %s from  
%s (%s): "
+                                "password mismatch\n",
+                                lp_name(module), host, addr);
+
+                        return NULL;
+                }
+
+                generate_hash(secret, challenge, pass2);
+                memset(secret, 0, sizeof(secret));
+
+                if (strcmp(pass, pass2) == 0)
+                        break;
+
+                skip++;
+            }
+        }

  	return strdup(line);
  }
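
Review bot: The failure branch inside the new for loop logs "password mismatch" for every get_secret() failure, so the removed "missing secret for user" message and the user name it carried are gone, and a user with no entry at all can no longer be told apart in the log from a wrong password. Suggest keeping the missing-secret message (with the user name) when get_secret() fails while skip is 0, and logging the mismatch only when skip is greater than 0, meaning at least one entry was tried. The new block is also indented with spaces rather than tabs, and the rprintf format string has been split across two lines by the mailer.
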



